Credibility

Credibility… It’s the only currency that means anything on this kind of playing field. Dean’s got the tape, and he’s gonna come out with it. And when he does, I want his credibility. I want people to know he’s lying before they hear what he says.

That’s a quote from the 1998 movie ‘Enemy of the State’, spoken by NSA man ‘Thomas Reynolds’, played by Jon Voight. To miss the parallels between this movie and what is happening to Edward Snowden, Bradley Manning and others, would be foolish! Foolish I say.

Is the general public so blind as to get completely sidetracked from the real issues by the media and the government throwing us crap about how Snowden never graduated from high-school, or how his girlfriend is a pole-dancer? Or how Manning is a homosexual or whatever? What does that have to do with.. well anything? Credibility. If you break the character, anything he or she says will be interpreted in that broken light. Surely anything that stinking homo-sexual says can’t be taken seriously! (/sarcasm, in case it wasn’t clear enough).

On the note of credibility, this week saw former vice president of the United States Dick Cheney call Edward Snowden a ‘traitor’ and possibly a spy for China. That’s rich! Coming from a man who lied to an entire nation about the reasons to go to war in Iraq. How come he has credibility enough to spew crap like that? Well for one, he’s a politician. He’s wealthy. He has a name for himself. Snowden on the other hand is a nobody, and therefore easier to break.

This week we also had the Director of the NSA, General Keith Alexander testifying in front of the House Intelligence Committee (part of the US Congress as I understand). The gist of the thing was denial, of course, but behind it all, I (and others) sense a play on words and semantics. Gen. Alexander is denying that the NSA is actually actively looking at the data. Quote:

“It’s a very deliberate process,” Alexander said. “We don’t get to look at the data. We don’t get to swim through the data.”

This has been repeated multiple times, worded differently. This doesn’t say the NSA doesn’t collect the data. It says they don’t actively look at the data. They are separating collection from examination. The key issue is that you can’t look at data that you never collected. Once you have that data, it’s easier to go back and say “Ok, let’s see what we have”. This is the same as with many other issues, some of which I have discussed on this blog in the past (such as the Finnish national fingerprint database for passport holders).

Other comments of note are:

“I think what we’re doing to protect American citizens here is the right thing,” he said. “We aren’t trying to hide it. We’re trying to protect America.”

Ding ding ding. Protect America. After that we can just do whatever the hell. And you’re not trying to hide it? That’s probably why the program (and, I’m sure, many other such programs) are classified, and legal permissions to do this are decided in a secret court. Actually, it’s called the Foreign Intelligence Surveillance Court, which is apparently the place where they rubber stamp approvals for NSA surveillance. Rubber stamping you say? Doesn’t the court actually review the warrants before accepting them? They may. We don’t know. Because it’s like, classified. This list here, by the EPIC (Electronic Privacy Information Center) tells a story. Observe closely the columns “Applications Presented” and “Applications approved”.

Another play on words happens during the hearing when some questions are presented to Gen. Alexander, namely “Is the NSA on private companies’ servers as defined under these two programs?”, “Does the NSA have the ability to listen to Americans’ phone calls or read their emails under these two programs?”, and “Does the NSA have the ability to flip a switch by some analyst to listen to Americans’ phone calls or read their emails?”. These questions were asked by the chairman of the Intelligence Committee. The answers to all three questions were “No”. But not just a simple no, the answers were, “The NSA does not have the authority to do so.” The question was whether the NSA has the ability or not. The answer was about the authority to do so. Also note the phrasing of the first question: Is the NSA on company servers? I could think of a number of ways that they could look at the data without being “on their servers”. He’s most certainly being truthful. If that was a real hearing, say in a court of law, there would have been a follow-up question to General Alexander, something like: “Sir, please answer the question as asked?”. The answer to the question of whether the NSA has the ability, is most probably yes. Is this the whole “We are not trying to hide it”-part? The two programs mentioned in the question are ‘215’ and ‘702’, the former being the “Verizon-wiretapping”-thing, and the latter being Prism.

That whole Verizon thing is curious, too. It seems to do exactly the opposite of what Gen. Alexander said. Except there was another play on words. “Can they listen to phone calls” -“No”. Okay, let’s pretend for a moment that’s the case. The Verizon wiretapping was about the meta-data of the phone calls, not the audio of the call itself. I would argue the meta-data can be even more harmful, because it tells you locations of potentially both parties, it tells you information on the handset etc. I would venture that once you know the cell-site your target is in, the discussions could then be captured using any number of means (other than wiretapping, which I do not believe for a second they aren’t doing), like your standard parabolic microphone, HUMINT resources, boots on the ground, you know that sort of thing? Like somebody said (it’s too late in the night (2:12) for me to dig up the source for this one, sorry), “In order to find a needle in a haystack, you first need to have a haystack.”

But according to General Alexander, these programs have prevented “50+” terrorist attacks. Which attacks? Oh well. Attacks. Just general attacks. Around. Two of the planned attacks were mentioned (the plans to attack the New York subway, and the financial district). That leaves “48+” attacks. Where is the transparency? What is the damage in telling the public exactly which terror attacks, by which terrorists, in which countries? What can the terrorists gain by knowing which terrorist attacks were prevented by US surveillance programs? I’m pretty sure it’s not a secret that the US conducts foreign and domestic surveillance. I think there was the comment that “talking about the specifics of the cases would reveal details about the surveillance programs, which would help terrorists circumvent the surveillance”. If I was an American, I would have some questions for my elected officials.

Ok before I’m completely wrapped in tinfoil, let me conclude this post by saying: There’s credibility, and then there is credibility. When you reach a certain position, you can do or say whatever you want.

A slippery slope

I was watching the news yesterday, and there was a piece on the government supporting teachers getting the right to go through students’ bags and such while at school. I think this is a horrible idea. Let me tell you why.

Traditionally, a person and his property are his. You need probable cause to search this person or his or her property. What they are now proposing is that teachers get the privilege to go through their students’ stuff, in order to.. what, prevent school shootings? I guess that’s the subtext, since we’ve had a few of those. Now, I don’t have to tell you school massacres are a bad thing; hint: they are. What I’m saying is loss of privacy is even worse. What would the teachers consider harmful? The article, posted on yle.fi here, mentions harmful items and substances. So drugs and guns? Let me be the first (not) to tell you that this will not solve the problem of school shootings. Why? Because I can come to school in the middle of the day and start shooting, before anyone has had a chance to look at my bag. Should we then install metal detectors at schools, and be all American, and shit? Not a bad idea, but imagine the amount of false positives? Start X-raying the pupils’ bags? Fine, but imagine that scene from the Matrix. Yeah that one. This isn’t creating security, this is creating insecurity, delays and loss of privacy.

Where we should spend money, in my humble opinion, is mental care, and early detection of mental issues at school. Talking to people works better than patting them down. We all remember that kid from school that nobody talked to, who always sat in the back of the class and didn’t speak to anyone unless spoken to. These are the people (among others), that we should be talking to. Making connections, talking to parents, talking to peers.

There is no amount of physical security that will prevent all shootings. You can say that “Sure, but it’d stop some, so isn’t that worth it?!”, but I don’t think it is. The determined person will always find a way. And what we will have lost in the process is much more valuable. Because once we start down that road, there’s no stopping. Next we’ll have authorities looking at what books are checked out from the (school) library, what people chose to eat at school or work, and using that to start profiling people, and comparing those profiles to those of ‘threatening individuals’, or anything that’s indicative of risky behavior. We’re gonna start getting the classic “If you’re not a bad person, you shouldn’t have anything to hide”-argument. People are gonna shrug, and go along. And before you know it, we’re in the surveillance society. Finland still has a fighting chance. We don’t have cameras everywhere. It’s a big country with low population density.

We know by example that what the authorities tell us is just their best effort. Start collecting fingerprints for passports? Promise us to just use them for that purpose? Fast forward a few years, and we have police/politicians saying “Okay, now that we have these handy fingerprints of almost every Finn, why not.. use this data? I mean, we already have it!”. The authorities are not robots. They are not immune to personal desires and misbehavior. Look at the amount of police looking, illegally, into the cases of a number of celebrity crimes (Anneli Auer, Mika Myllylä to mention a few; the latter of which had 136 police officers snooping around data that they were not authorized to view). The fact that the data is collected, or the authority given, does not protect us from mis-use. It makes it easier.

We’re now considering installing traffic cameras that would look at not only speeding and running red lights, but see if a car has been inspected (as is mandated by law), if it’s registered, whether people are wearing seatbelts etc. Again we get the “So don’t do anything wrong!”-argument. But this doesn’t change the fact that we are getting authorities with increasing amounts of data on our movements and actions that they have no business knowing. The fact that they will collect the data will lead to them abusing the data. Imagine if that data were to get to the hands of advertisers? Minority Report, anyone?

We saw the S-chain of stores use loyalty card data to send out warnings on a product that contained harmful substances. So you buy a bag of chips, and flash your loyalty card (or bonus card as we call them here) at the checkout, and whammo, the store knows what you bought, when, how you paid, etc. “No no, this is just for statistics and..” ..and when you want to contact people to let them know they bought a potentially dangerous item. And maybe if you want to send targeted advertising to people based on what they bought? Or maybe sell that to third parties who also want to know what you buy and when. Hey, bought adult diapers? Either you’re a pervert or you have a medical condition. Maybe someone would benefit from knowing that information. Would you like that information to be public? Probably not. But then, the store wouldn’t use that data to do anything evil, now would they?

So don’t use loyalty cards. Don’t pay by credit. Don’t drive. Don’t move. Don’t go to school. Don’t get a passport and don’t travel. Don’t..

 

Some notes from the road

First I want to talk a little bit about airport security. This was the first trip that I was ‘nude-scanned’. The scanner was at McCarran International Airport in Las Vegas. The device doing the scanning is a ProVision ATD. The type of scanner this is, is a millimeter-wave scanner. Unlike the X-ray backscatter type machines, these should not pose any health risks, as the radiation is not ionizing. There’s a comparison of the two technologies here. When we flew in to the US, I saw the same machines deployed at O’Hare in Chicago, however, for some reason they were not being used. A regular metal detector was used instead. At LAS when leaving, they put some passengers through the millimeter-wave scanner, and some people through the metal detector. When it was my turn, four people had just passed through the metal detector. For no apparent reason (I didn’t notice a pattern), they closed the metal detector, and put me through the millimeter-wave scanner. You step into the device, and turn 90 degrees to face a set of instructions. There are spots on the floor marked for where your feet go, and you are instructed by a picture to hold your hands above your head. The device appears to do a sweep (looks like the door is closing on the round device), and then the TSA attendant asks you to step out.

Later, they also switched it around, bringing some people through the metal detector, and some through the scanner. Shit. Almost wrote scammer, there. An associate of mine walked through the scanner after me, and after that, he was patted down by the TSA agent. Why? Was he armed to the teeth? No, he was carrying a standard Finnish passport in his pocket. So the gorillion dollar device can’t distinguish between a passport and something that can be used as a weapon? Looking at some of the images of the user interface, and what I was able to see myself, the screen that they look at doesn’t show an image of a person when he or she is being scanned. Just a grey screen, which appeared to turn green when everything was okay. I didn’t see the “failed” scan, but I assume it might have shown the location of the suspected item. But, a passport? For reals? I felt a whole lot less secure after seeing that…

Also, how do they pick who gets the scanner, and who gets the metal detector?

A noteworthy detail is that there was a sheet of paper outside the machine which explained the technology, and the last row was something like “The use of this technology is optional”. Optional, when you’re four steps from the machine? I’m sure declining at that point would set off zero rectal search alarms? I was planning on declining myself, but I guess I might have chickened out / noticed the note a bit too late. I guess it would have meant the metal detector + a pat down, even if nothing beeped. And some gruntled TSA personnel.

There were also new “rules and regulations” on the inbound flight. The Lufthansa flight attendants were ‘required’ to tell us that “grouping in the aisle or near the toilets or the kitchen during the flight is not permitted”. There was an incident on our Frankfurt -> O’Hare 747-400 type airplane where two people were using their phones near the toilets (both were of non-caucasian descent, if that matters), and the flight attendants announced, apparently due to this, that no loitering near the toilets was allowed. The two men declined to move, or didn’t listen, and a flight attendant was there very quickly, asking them to take their seats. After that, the captain turned on the fasten seat-belts sign. There was a rather clear connection between the two events. There was no turbulence, and we were thousands of miles from O’Hare.

You’re wondering about them using their phones? The flight had (paid) WLAN on it. The only caveat was that you were not allowed to use VOIP type applications, as per the terms of service that you accepted when you bought the service. 1 hour was 9,50 €, and 24 hours was 19,90. The connection was provided by satellite, and the service provider was T-Mobile out of Germany. Latencies from the middle of the Atlantic (or geostationary orbit I suppose?) to Finland were around 600-800 milliseconds. Downspeed was ~3Mbps, and up was 0.03 Mbps, according to Speedtest.net.

The connection worked very well in general, if you didn’t mind the slow upspeed, and buying the service was easy with a credit card. A notable detail is that when you associated with the AP, you had DNS resolution, so you could maybe, contrary to the service agreement, have tunneled out using DNS and something like NSTX. I didn’t poke around more, nor did I take too many other details off of the connection, but those are my notes.

I just had to edit this again to add this: God damn it it grinds my gears when people do not behave on aircraft. Jesus Herbert Christ! On the return flight to Helsinki, we had an awesome flight attendant. Funny, well spoken and approachable. When we were wheels down in Helsinki, still taxiing to our gate, a guy just decides to stand up to get his stuff. She told him “Sir, sit down!”. He did. Before we were completely stopped, and the captain had turned off the seat-belt light, there were at least ten mobile phones powering on, and seatbelts clicking loose.

People: You do not get off the airplane any faster by doing these dumb things. And if you tumble and fall, or drop some luggage on me while doing this shit, I will go medieval.

After we had come to a complete stop, I told the flight attendant “Same thing every time, huh?”, and she said “YEAH! Every time! Why do they keep thinking they’ll get off the plane faster?” She then turned to the man who had stood up during taxi, and asked him, “Sir, why did you stand up? Why? You could get seriously hurt!”, and he just shrugged and avoided her very piercing gaze, mumbling something under his breath.

P.P.S. Oh, and also, there are no bookshops on the Strip in Vegas. Just a hint to anyone who wants to maybe, I don’t know, make some money. I asked the concierge at the hotel we were staying at, and she said I’d probably have to get a cab to get to the nearest book store…

NYC – A Post-Mortem

A writeup on my trip to New York in July 2012. I’ve separated it into a few topics, so you can read what you want, or all of it if you are bored.

Travel, Security & Airports

Finnair gets a slap

First of all, I’d like to slap Finnair with a huge wet fish. I had some .. curious issues trying to fill in my data for the flight. By data, I mean the supplementary data that is required to travel to the US. I did my ESTA-thing, and was approved for travel. That system, even though it costs actual big-people money, works fairly well. Finnair on the other hand, which took 742 euros of my money for a roundtrip, did not work too well. I got an e-mail 2 weeks before my trip telling me that I need to add some information. I was provided with a link to do so. I edit my information and hit save. Nothing happens, though it did submit something. Close the little window, and hit confirm on the main page: “Your reservation number 123456 could not be found”. Yes, literally that message. Tried IE. Tried Chrome. Tried Firefox. Same result.

So I decide to call Finnair. The phone-call costs 3.15€ per call, plus local per-minute fees. Not exactly cheap, considering that Finnair isn’t usually the cheapest choice in tickets either…

A peppy-sounding woman answers, and I describe the issue to her. She offers to take my information and feed it to the system over the phone. I tell her every single item, and spell any names and such. I didn’t spell New York to her, but more on that later. So I ask her whether the information is on time, and she tells me she doesn’t know, but that she thinks it’s 72 hours prior to travel. This actually applies to the ESTA-form, afaik, and not this supplementary information that the airlines send to the relevant US authorities.

At the end of the call, she tells me to check the website again to see if the information is there and correct.

Rest assured, it was not. Let me itemize some of the things that were either missing or incorrectly typed:

  1. My middle name was missing, even though I gave it
  2. My passport number was missing two characters
  3. My passport expiry date was incorrect (I even got an error saying that my passport is now expired and that I should contact Finnair!!). She typed 2012 when she was supposed to type 2013, making my passport expired
  4. The destination city was typed incorrectly. Now, I may be anal about this, but if you work for an airline, or in the travel industry, even as a temp, you should know how to spell New York. Hell, if you are a human being in the western hemisphere, you should know! But no. She spelled it New Yourk. In my mind, this was the stupidest, though perhaps the smallest, of all the faults she had made.

So after a short moment of perplexion, I redial the Finnair customer support number. I think I got the same woman, because she neither confirmed nor denied when I inquired about whether she was the one I talked to earlier. I tell her the information is incorrect, and start out with the ‘New Yourk’-issue, because that stumped me the most. She started out by telling me: “Oh that’s a small mistake..but I’ll go ahead and correct it anyway”. I then described the other three issues (perhaps not so minor, eh Finnair?) which I asked her to read back to me once she’d typed them in. She then tried to cover her ass by saying “Some of the information we type into our systems don’t show up on the website, so don’t worry”. I could understand if it was my choice of meals on the plane, or what color luggage I was planning on checking in, but what would be the point of having two separate systems that integrate partially? I mean you could do it that way, but it just sounds weird to me. Then, I’ll disclaim that I’m not a code monkey so I don’t know how they (don’t?) think.

I still didn’t trust her, but decided not to check the information online anyway. I had this theory where, if I open the thing online, it wipes out some of the fields she’s typed in on their end. Sounded plausible at the time..

Now, I am a cautious person by nature. Some might call me neurotic (and be correct in their statement), or even paranoid. But when it comes to dealing with US three-letter-agencies, I tend to want to err on the side of caution. They’ve turned away people at the border for tweeting jokes, so what would happen if my passport number was incorrect? I also bet that Finnair is completely void of any responsibility for any missing or mis-typed information, through some EULA or other agreement I must have mentally signed when I woke up that morning and thought of Finnair. And the amount of .. emotion I would have felt should I have been turned back at the border after paying for everything.. would have been substantial.

I also sent in a complaint to Finnair through their webform (yeah yeah, the irony). I checked the box saying “Yes, I want to be contacted on this issue”. After a while, I got an e-mail saying (or maybe it was on the website after I submitted the form?) that their complaints department is very busy right now, and that someone would get back to me within 28 days. Two weeks after I have returned from my flight. OK, fine, I’ll wait. I’ll also blog about what they say.

The funny did not stop here. A short while later, I get an SMS from Finnair, saying, roughly: “Hello! You’ve recently sent some feedback to us. Would you like to fill in a questionnaire on your experience? You could win Finnair Plus gift-cards (or some such trinkets /note) for your troubles!”. Needless to say, I filled in the questionnaire, vitriolic content flowing through my literary veins.

I don’t think I’ll win any gift-cards.

Samsonite gets a cookie

I bought my single most expensive piece of luggage before the trip. I was getting tired of lending bags, or using crappy supermarket-quality bags. I bought the second best Samsonite they had on display, at roughly 200€. A black, hard-shell stroller with four wheels. 10 year warranty. Absolutely worth the money. Lightweight, tough, easy to move around. And the obligatory TSA-approved lock, so they can open my bag when they want to!

Equipment

The plane both ways was a Finnair-owned Airbus A330-300 (tail number OH-LTO I think?). The planes were clean, looked “right-out-of-the-factory” for the most part. Neatest part for a geek? Every seat, even in economy, had their own entertainment system in the seat in front of you. And best of all? It ran Linux. I’ll add some pics later, which I was able to snag when the guy in front of me fell asleep on his screen, causing it to reboot. The screens got fairly hot, but all in all they worked flawlessly. The screens were resistive touchscreens, maybe 8 inches in size? Also included was a small wired remote with a small LCD screen. The flipside of the remote had a qwerty-keyboard. The features that I looked at and tested were, in no particular order:

  • SMS (send/receive)
  • E-mail (send)
  • Movies and other video-type entertainment

SMS and E-mail cost two dollars a pop, which is highway (uh.. mile high?) robbery. It costs a shit and a nickel for them to send it out, seriously. I’m gonna look at the email headers later to see what I can deduce from that, as to the route it took etc. Sending and receiving was fairly straight forward, and it asked you to swipe a major credit-card before you started. This felt a bit odd, but since it confirmed each charge separately, I felt pretty safe using it. There’s something about sending an SMS at 11 km above Greenland that tickles my geek-buds.

Also offered was a phone-call option (the remote/keyboard would have functioned as a phone). Sure, phones have been on planes since.. the 80’s? But anyway, first flight I’ve been on that has these amenities in economy class.

Linux on a Finnair Airbus A330-300

Movies had a fair selection (maybe 30 movies in different categories), all worked fine. Earbuds were included and waiting on the seat on both flights. Again an improvement from the rip-off 5 or 10 dollar charge for those shitty 2 cent Chinese headphones on most flights.

So all in all,  Finnair gets points for the flight.

Airports

The airport at Helsinki-Vantaa here in Finland is pretty much the same. They’ve added a new security measure, which involves scanning your passport, then walking into a small booth (not a scanner as far as I know), and then facing a camera which takes your picture. It automatically adjusted for height, and when the picture was taken, it opened the other side so you could pass.

JFK was about the same too, though the TSA has changed some of their uh.. policies. I was at Terminal 8, which is the Finnair terminal, both ways. No nudie-scanners that I could see, so I didn’t need to decline any such invasive radiation based scanning of my body. Too bad, I wanted to see how that worked out, declining that is. I mean, a trans-Atlantic flight gives you enough of a dose as it is. I see no reason why anyone would like to get irradiated a second time at the airport with technology that is possibly unsafe (or at least not extensively tested), and not even effective.

The TSA signs were pretty funny, stuff like: “Good news! If you’re under 12 years old, tighten your shoelaces! You won’t have to take off your shoes at the security checkpoint!” and “If you are born on or before this date in the year 1937, you will not have to take off your jacket and shoes”. I for one am thrilled. In only forty some odd years, I’ll be able to travel without taking off my shoes!

Customs and Border Protection (CBP) was pretty much the same, though I was processed by a rather humorless TSA “officer” (why do these guys and gals still have badges? I’m pretty sure they are not all law enforcement trained). He took my passport, scanned it, and asked some questions. I’m not sure he looked at me in the eyes once. Would that be a sign of weakness? Was he just not interested? What was the score here. I don’t know, but it felt rather strange. And for some reason, he stamped the “Welcome to the USA” stamp in the middle of two pages. Was he looking away when he did the stamping? Perhaps.

On the way back we experienced a heavy thunderstorm which hit JFK head-on. Eventually, a blue light started flashing outside, and they announced that the airport was now closed. All eight terminals of JFK. In the end our plane was like two hours late.

During the wait, we were sitting in the Mastercard lounge, which didn’t have wifi. That was the first thing they announced when we got to the lounge. Most people turned around after hearing this, but we just came for the comfortable leather seats. The wifi would have been pretty great though, but it appears nobody had internet at the airport, not wirelessly at least.

Back at Helsinki-Vantaa, we went through the same “airlock” with the self-adjusting camera. Fast and easy, though I fail to see how this increases security.

Hackers on planet Earth 9

So 13-15th of July was Hope #9. The theme was surveillance. Oh boy, where to start?

So the layout was the same as most years, with a few minor changes. There were three main tracks, and a fourth un-scheduled track. The tracks ran on the 18th floor of the Hotel Pennsylvania in New York. We also had the Penn Pavilion for us, which consisted of a ground floor, and a mezzanine level. The ground floor had signin and security, as well as the music area, and the mezzanine had vendors, hackerspace area, chillout area, art installations and a bunch of other stuff.

I volunteered again, as I did during the Next Hope (the last hope, in 2010.. yeah, the names are confusing :), though this year’s experience was, I’m afraid, a bit less exciting. Maybe I’ve changed, or maybe it was really different? I helped out during loadin on Thursday, and then did some shifts helping out the AV crew during Friday-Sunday. This year though, the organizers were either too distracted or there were “too many” volunteers. Work was harder to come by than in 2010, and it was hard to find the people who actually knew what they were doing, and what needed to be done. Also, there was a certain.. clique this year. People who had banded together and gotten special vests (STAFF!), special “all areas access”-cards and such paraphernalia that they paid for themselves. That’s okay, I’m all for that, but it kind of serves as a separator between the haves and have-nots. And yeah, I’m probably being too serious, as people always keep telling me, but some of the guys there were clearly above the rest. Man, some of the volunteers were hard to even talk to or get eye-contact, because they were so into their role. Think earbuds and CB-radio. Think walking around like you own the place.

And by no means does this apply to all of the volunteers. Just a select few. Anyway, I felt a little out of my league, and out of place. I didn’t do nearly as much work as last time around. Didn’t really feel like it either.

Okay, but enough whining. On to the talks. There were so many talks that I attended, that it is hard to pick out the best ones. I really liked the Prometheus Radio Project talk, the William Binney keynote (ex NSA dude), and Space Rogue’s Media Hype talk (Great hacks that never happened). There were other great ones as well, but there’s some of them. There were over 100 talks, of which you could see roughly.. a fourth maybe? Unless you were Schrödinger’s Cat or something. The talks were all filmed and recorded, and you can buy them from the 2600 store. Some of the speakers have released their slides, look on twitter for instance. Check the #hope9 tag for some of them.

The tickets this year were not electronic. Instead, we got a purple “Passport”. Inside you could affix stickers, or get stamps from different groups or people. My definite favorite was the one I got from Space Rogue; the L0pht Heavy Industries-stamp. Here are some pics of the passport and stuff:

Hope 9 Passport and plain-jane Volunteer card
First and second page of the passport
Some of the stickers and stamps, including the coveted l0pht stamp
Stamp from a weird “russian” 🙂

In the vendor-area there were some new faces. Hackers for Charity (the Johnny Long-project if I’m not mistaken?), the EFF, the FSF and others were present.

I got a bunch of schwag from the conference, mainly stickers and shirts that I bought or received through donations to the non-profits. I was sad that I couldn’t get some of the EFF shirts without becoming a member. That’d be kind of pointless (and not even possible?), since I’m already a member of EFFI here in Finland. But we need cooler shirts here too damn it! The “I Fight For The User” shirt was especially nice.

Stickers from Hope 9

New York in general

On the last full day, we went to see the World Trade Center site. The new building, One World Trade Center, was looking mighty fine. It’s now the tallest building in New York, and it’s not even finished yet. Awesome building!

We also visited the Museum of Natural History in the uh.. upper west side of town (I think that’s what it’s called), which was well worth the 19 dollar entry fee. So many exhibits and things to look at you would have needed hours to go through it all.

Wireless was still a pain to find. The hotel apparently had some kind of deal, which was 10 dollars a day. I wish I had seen that when I checked in. Oh well. I resorted mostly to the classic “attwlan” or whatever the Starbucks one is called, and other such places (Burger King was pretty good with Wifi too). Intertubes were slow, and laggy. I don’t have roaming data in my contract, because it’s usually prohibitively expensive. Not that we should complain. The Americans are getting ass-raped by their carriers. They pay some insane sums to get small scraps of data. Sure, they have uh.. “4G”, (not really), but who cares if you have a 1G cap? Even residential DSL connections are capped, which is something I will not stand for, even if I don’t download a lot of stuff…

I set one goal for the trip: Try as many fast-food places as possible. I tried: Wendy’s, Burger King, McDonald’s, KFC, Pizza Hut, Taco Bell and Five Guys burgers and fries. Out of those, Five Guys had perhaps the best burgers, while Taco Bell had the most bang for the buck (cheap as hell, and rather filling). Burger King had good fries at times, and KFC had tasty little Chicken Bits. Pizza Hut had just released the garlic bread pizza, which we of course had to try. It was pretty good too.

TV over there is still insane. Like five or six commercial breaks per hour of programming. And the ads are so fucking inane. Two seconds of content and the rest is warnings and advisories. Why, I had no idea that Cialis doesn’t prevent me from getting HIV!

All in all we walked a lot, and saw the city. I plotted some of the walks we did, and ended up at nearly 40 kilometers of walking, just inside one city and about four days. Great trip, but I don’t know when I’ll be back. It’s pretty darn expensive to go there, and Hope is now kind of.. I don’t know, been-there-done-that? A 3000 euro trip for the two of us is not something you can just go out and do. It takes saving and planning.

I think I’m going to look at the European conferences next. CCC or some of those events? At least the flights are cheaper.

Ok, this is one monster of a post, best to end it here.

A less than great week

So i’m having one of those weeks again. Let’s start by describing what happened last Sunday. I was walking to the store to pick up some necessities, when i noticed that my Nissan had been broken into. The shotgun-side front window had been busted to shit, and my GPS was gone. Now yes, i made a mistake by leaving it out in the open. I was naïve, thinking that my GPS was safe in a car in Helsinki. I’ve always kept it out, but i guess i now live in a neighborhood populated by a bunch of junkies.

Anyway, it was far from a clean job. The window was shattered to a million bits inside the car, and half of it had dropped inside the door. Cleaning it up just so i could drive it to work and put it in the garage was a bitch. So yeah, instead of taping a black plastic bag over the broken window, i decided to drive it to a safer place. Who knows, maybe the same fuck would have come back for my 1994 Green Day “Dookie” cd that i still had in the glove compartment. He also left a 100 euro inverter. I guess it could have been anyone, but my money is on some junkie looking for his next fix of cheap drugs (Subutex or some such stuff). A GPS like that retails for 150 euros or so, and on the black market it ought to fetch 30 bucks? Maybe 40? And that gets you what? In Helsinki, maybe a fourth of a gram of cocaine (probably not his brand of poison), or a few pills of subutex or some benzos.

Sigh.

Anyway, as soon as i noticed what had happened, i pick up my Galaxy S, and call the insurance company to ask about what to do next. However, as i’m slightly shocked by the events, i fumble, and drop my phone, which hits the asphalt with a resounding thump. Perfectly flat on its screen. I pick it up, and next thing you know, i’m picking out small pieces of glass from my hand. Great. Broken car. Broken phone. Phone still works, so i make the call anyway. Insurance company tells me to call the cops, and take the car to a shop for repairs.

Now, all this hinges on the po-lice. The five-oh. Come Monday, i look up from their site how to make a report, which can be done either at the station, online or over the phone. I’m advised by the site that i should not use the electronic form if the crime involves someone breaking in somewhere. Someone broke into my car to steal shit, so i figure i’ll call them instead. On the fourth call, someone picks up. Here’s the dialog:

Me: Hey, i need to make a report. Someone broke into my car.

5-0: Yeah? Well you need to fill out the online form

Me: But.. it said..

5-0: We can’t take reports like this over the phone. Either visit a police station, or fill out the online form.

Me: Fine.

I was stumped, but then again, my faith for our men and women in blue is .. minimal to begin with, so i was not altogether amazed.

So i look up the online form thing. I have to authenticate using my online banking codes. Fine, that’s fairly standard in things like this where you need to be sure who’s doing what. I fill in my info, and it says “Sending this information [insert name and social security number here] to the requesting site”. Again, standard practice. I’m then taken to this 90’s rendition of a website, with a simple html form asking for different kinds of information. The first bits of information requested? My name and social security number, which i just authenticated to be sent over for. But hey, okay. Can you make a report under some other person’s name? Doesn’t make sense to me why you’d authenticate as John Doe, and then make a report under the name Jane Doe, with her soc.security number. That smells illegal, you know?

So i fill in the fields, which are by the way, limited to like 50 characters. Try describing anything in 50 chars. Try writing the model name of the stolen items in 50 chars. There was also a field which asked how i wanted a copy of the report. The options were “by snail mail” or “i’ll pick them up”. I hit “by mail”, and then decide to click the “info” button next to the field. It says “You can get it by email (but that’s unencrypted mind you!), by mail, or you can pick it up”. There’s no field for “email”, and since the buttons are radio-buttons, i can’t de-select the choice i already made. I was stuck. Fucking sucks. I send it in anyway, and i get a date and time, a reference number. I then file a report with the insurance company. This is a PDF-file, with fillable forms. I then *print it out* because my insurance company doesn’t offer an electronic way of sending in stuff. There are rumors of an email address that accepts stuff, but it’s not public or i didn’t find it. So i then proceed to fucking fax over the form to the insurance company. *bepbepbeeep* Hey look, it’s the 90’s calling. Yeah? Okay. They said they want their technology back.

Jesus fucking christ.

Then i drive over to the car repair shop, so they can take pictures and get an estimate over to the insurance company. So far all good. Two days pass. On the third, i get a call from the insurance company, who say they have not heard from the police department. I then call the police, who give me the run-around, and finally forward me to the documents department. They spend a good 15-20 minutes searching for my report. They ask for my name. They ask for my social security number. The date and time i sent it in. The city i live in. None of these apparently produce any results, and i’m left to wonder whether they ever got the report or not. I try to offer the clerk the reference number that i got after i filed the report. Her reply? “No that’s useless. I can’t do anything with that”. So what, either she’s incompetent, or the reference number is.. a randomly generated number to make me feel better?

Also, i’ve never made a crime-report. And there should only be one person with my name and social security number in the entire country. So how can it be this difficult to find my report? This is beginning to sound like the work of some big IT service provider.

I was also told that “No the documents are not sent to the insurance company unless they request them” (which they also don’t automatically). So i either have to ask the insurance company to ask the police to get the documents, or wait for the police to send the documents to me, so i can i guess..uh.. fax to the insurance company.

All this has yet to happen. No nothing from the po-po. The car guys are waiting for the insurance company, who are waiting for the police. So i’m stuck until they do their thing. Great.

..as for the phone

As i didn’t have a company phone (or i did, but i gave it away to a colleague when i got the galaxy s), i decided to get one ordered for me to replace the now-fucked Samsung. I wanted the Galaxy S 2, but they didn’t have it in stock, and i’m a very impatient man, so i got the HTC Desire Z (the HTC Vision elsewhere). That’s the qwerty-slider. I’ll write something about it once i’ve had a chance to use it first. It seems solid, and the physical keyboard is a nice thing to have around. Also, it supports Cyanogen Mod 7.1.

The Failure of Politics (updated)

In Finland we now have a record six party rainbow coalition government. I wish rainbow would imply certain things, but alas, it does not. I basically had three points that were very important to me during the last parliamentary election:

  1. We don’t stop building nuclear power (if needed), but also don’t stop developing alternative energy.
  2. Women retain the right to abortion
  3. Same sex couples allowed to marry and adopt children if they want to

And let’s see, yes, all of these are now scrapped and fucked over. Basically, during the negotiations that took place in order to form the new government, the Christian Democratic party imposed some terms, that needed to be accepted for them to enter into the new coalition. Now, as a reminder to my esteemed readers, the Christian Democratic party (henceforth CD) has a 4.03% share of the votes (6 representatives in the parliament, out of a total of 200), which is the lowest they have had since the 1995 elections (when they had 2.96% of the votes). This is pretty much one of the smallest parties in the entire parliament, which is how it should be in my opinion. So how come they get to make demands? Basically they said that they will enter the coalition as long as discussion on same-sex adoption rights and marriage rights are put on hold at least for the next four years, and that abortion-laws are reinspected (and supposedly made stricter).

Yes, welcome to the 1950’s.

I wonder what kind of deals were made behind closed doors that made the other five coalition parties agree to these draconian deals. I am amazed that anyone could feel these issues are unimportant or minor! They are, in my opinion, some of the defining points of a modern, western society. And since when do minority beliefs dictate majority rules? I am just shocked.

I honestly wonder, if the head of the CD party wasn’t a woman (Päivi Räsänen), would they want to remove women’s right to vote? Or maybe they could try to get stoning as a valid legal punishment?

And what is the problem with gay people? People, this is the 21st century! Honestly, Räsänen, IIRC, pulled the “i have a lot of gay friends”-card when the issue was brought up, which of course makes her exempt from critique. After all, how can a person who has gay friends have anything against them! I have a black friend, therefore i can’t be racist no matter what i do! What a can of worms. As an aside, a poll conducted last year shows a majority of us Finns support same rights for same-sex couples. So i stress again, when the majority of the people are of a certain opinion, how do the opinions of 4% factor in?

So until this government is dissolved (fingers crossed), or four years pass, we’re stuck with these fucking 19th century views of the world. It never ceases to amaze me how in 2011, we’re still making government policy based on ~1800 year old writings that have been redacted, translated, re-translated, re-redacted, and ultimately, probably written by a bunch of goat-herders who just enjoyed a really good batch of mushrooms, or a nice big spliff.

I wish Räsänen would just sit down and take a nice big hit, and stop being dumb.

Edit – Seems like, after the negotiations were done, the adults stayed in the room and made a deal of their own, ignoring the views of the CD. Of course, not long after, CD chairperson Räsänen came out saying “No, we were not duped”. Whatever dudes, whatever.

Edit 2 – Added the poll about same-sex rights.

Random & The HBGary Federal stuff

Disclaimer – This was an earlier post, with a lot of speculation on my part, in regards to the HBGary hack by Anonymous. After more thorough research, a revised post was released here. Please refer to this if you are looking for a hopefully more accurate account

 

So the last few days, weeks, whatever have been a bit quiet. So i’ll just take this time off and talk about some of the issues i’ve been thinking about.

First of all, i need to get rid of a bunch of hardware, so if you need anything like memory, or servers (without their harddrives), or regular desktop machines.. or i suppose i might even have a few smaller lcd screens, hit me up with a comment or an email. I’ll post a better list later, but here’s some of the stuff:

  • Two HP DL380 tower servers, i don’t have the specs on hand, one was i think a dual processor and the other single. RAM included
  • An IBM xSeries tower server, which is actually pretty compact and not too loud, but also, it’s not very fast
  • Various desktop towers
  • RAM: DDR1, DDR2 (1GB and smaller sticks), and various DDR1 and DDR2 SO-DIMMs for laptops
  • I may also be selling two 17″ LCD screens
  • Various expansion cards and what-have-you

I’d also be interested in finding a pair of 2GB non-ECC DDR2 for my desktop, since running multiple virtual machines is putting a strain on my current 6GB configuration.

Currently i’m on an Oracle 11g course, which lasts five days. I’m not really going to be a database guy, and frankly i’m not too interested in this either. I do it from a pure career perspective, and because i know that we have a lack of Oracle knowledgeable people where i work.

Also, this morning i realized we live in a world where few clocks ever tell the same time. Waking up, eating breakfast and walking to the train station, i was confronted with at least 8 different versions of what the time currently was. Bewildering.

Anonymous owns HBGary and HBGary Federal

And i don’t mean they bought the fuckers. So here’s the story as i’ve been able to patch it together: HBGary Federal (a separate corporate entity working under the HBGary name, providing infosec research and such for government) CEO and Co(?)-owner Aaron Barr decided he was going to blow this whole anonymous case wide open. Now as i’ve discussed in multiple posts, this stems from the clear stupidity and thick-headedness of people, refusing to understand what and how anonymous works. Barr had the brilliant idea of “infiltrating” the anonymous networks (err.. i mean the public irc-channels at anonops.ru #anonops #anonymous #reporters etc.) and find out as much as he could about the leadership of anonymous. He then compiled in data from various social networks, simply taking a person’s IRC identity or other available data, and connecting it to mostly random people using the same nicknames or such on Facebook, for instance. You should now be able to see how faulty his methodology is to begin with. He then boasted that he has the identities of most of anonymous’ leadership and organisers. He made up roles and titles for various people, like “co-founder of anonymous”. Anonymous caught wind of this, and decided to have a look at the list.

Supposedly 16 year old female hacker ‘kayla’, known on the IRC channel as `k, social-engineered an admin at rootkit.com, Jussi Jaakonaho (who is also a chief researcher at Nokia, incidentally) pretending to be Greg Hoglund, CEO at the main company HBGary. Note that HBGary is not directly affiliated with HBGary Federal, though it carries a 15% share of HBGary Federal in the form of investments. Through Jussi, she was able to get root access to the servers at rootkit.com. From there the problems escalated, and while i don’t have the full details, i suspect credentials or data found on rootkit.com were used to compromise Barr’s account on HBGary Federal, and numerous other locations, such as Twitter.

The result was an onslaught of defacement and luls from Anonymous, as they downloaded over 50 000 internal e-mails from HBGary and HBGary Federal employees and executives. These were subsequently published as a torrent, which can be found with little to no trouble. To add insult to injury, Anonymous sent the “brilliantly” collected (and false) data that Barr was supposedly going to sell to the FBI (as evidenced by an 11 AM meeting on Monday 7th February found in his e-mails) to the FBI for free. Barr claims he was never going to sell the data, or that he was going to redact the names, but that’s really irrelevant at this point. He also claims it was only for research purposes, but internal emails show he was clearly going to profit in a business sense either directly through selling the data/research or through PR he would have gotten for “exposing” the “leaders” of Anonymous. All of which is total and utter bullshit. Most of the people on the list have little or no affiliation to anonymous, and could have gotten into serious trouble had this data not come out in time.

Barr’s twitter account was owned, adding “raging homogay” to his about-box, and posting various lewd comments on his feed. His new Twitter avatar is also a variation of a classic 4chan meme, “Forever Alone”, modified to “Forever Barrlone”. You should really check it out, it’s quite funny if you are into this whole meme business. Also read all the tweets from the past few days, as they provide some insight into what went on.

Ted Vera’s (COO / President at HBGary) LinkedIn profile was also defaced to change his name to Colossal Faggot, though i doubt it’s still out there. Google cache might still have it, plus i suppose screenshots exist.

All in all i can’t say i give a flying fuck about any of these people or their respective companies. If you are in the security business, and particularly in the business of selling research and data to the federal government (thank god it’s not mine), then you need to be competent and know what the hell it is you are doing. If you are an incompetent asswipe, then bad things may happen to you. You don’t deserve your job, your bonuses, your cushy little office and the notion of job security. You deserve to go back to school, admit your failures and start over. Though that might be a bit hard at this point, seeing as i would find it very unlikely that the likes of Barr would ever be hired to do anything with computers ever again.

Anonymous has stated they have in their possession more emails that are as of yet unpublished, and they have had negotiations with the owner and CEO of HBGary as to the next steps in this whole debacle. The IRC logs of that are quite .. a read. Anonymous demanded that for the rest of the data to stay secret (this is called extortion), they need to see Aaron Barr stripped of his job, and all future investments to HBGary Federal. Also they requested that all such funds instead be diverted to the Bradley Manning defense fund, the EFF and other such causes. HBGary is in the process of thinking about things.

Quite a thing to see the CEO of a multi-million dollar company on IRC, begging these anonymous types not to release more mails, as they would cause millions in damage. “Think about what this will do to your reputation”, HBGary urged. Anonymous replied with “What reputation, and why should we care?”

It has to be rather bewildering for your average corporate type to face an adversary that does not care for the traditional things. Reputation is irrelevant. Possible consequences, irrelevant. Legal threats, irrelevant. Sure, you can (and they have) caught a number of people associated with anonymous, but there are tens, maybe hundreds of thousands of people ready to take their place, if they feel like it will get them the laugh of the day.

I’ll end with another paraphrasing from the IRC logs, where one Anonymous stated, after just saying he knows this will cost HBGary millions, and that he doesn’t care, that he will now go play Fallout.

Oh and one more thing…

I have to really hand it to both Greg Hoglund, and especially Penny Leavy, who is president of HBGary. She took time out of a nightmarish day, to go on IRC and talk to anonymous. She tried to talk to these people, and she tried to grasp the concepts. Aaron Barr however, who also appeared on the channel under the alias CogAnon, was less than courteous. He talked trash and left without answering any questions, clinging to the one sentence he thinks will save him: “I did it all for research”. That’s like pissing on an angry mob, who has already burned down your house, broken your car and kidnapped your cat.

Brand Bias

This is by no means a new phenomenon or anything, but it caught my eye.. or ear i should say, when i was listening to the latest episode of the Linux Action Show (Season 15, episode 3). There was a mention of the curious Apple-bias that many tech sites seem to have; the one mentioned was TechCrunch. They recently made an article on how many percent of smartphone users are using the latest version of their software. For Apple, the number was ~90%, and for Android this was 0.4%. Yes. But see for Android the rules were not the same, no. iOS, the Apple smartphone OS, has had numerous versions of the 4.x series (which were all included in the 90%), and Android has had many under 2.x. But TechCrunch (which, i know, is a group edited site, so content is perhaps not always of the highest quality) decided that they would compare to Android phones using 2.3 Gingerbread. Which isn’t really fair, if Apple gets an entire whole series of releases under 4.x and Android gets one specific version with no variance. Oh well, i guess Apple just rules because their users are almost all on the latest version then.

This is a widespread phenomenon. Anything Apple does is touted as revolutionary, even if it has been done and re-done thousands of times before. They release the iPad which is a crippled piece of shit, and then wait a year and soon they will release the iPad2, to the amazement of all, and it will be the best thing out there because they added an SD card slot and the ability to make video phone calls or something. That’s some dank shit right there guys. Apple also called out Android tablets as being nothing but oversized smartphones (this was during CES, which saw the release of multiple Android-tablets), and that their OS is not designed for tablet use. Sure, Android tablets have so far been mostly crap and slow, but then, at least we have choice, and hardware that isn’t locked down. Android 3.0 will be geared towards tablets, so there is development here too. And if the iPad isn’t a crippled oversized iPhone then i don’t know what is.

Engadget has been pretty good at not freaking out about Apple stuff, but they do their share too. Gizmodo obviously is another one who just licks the honey-dew sweat off the balls of Apple. There are too many sites to mention that ride that ugly train.

It should be noted that i am typing this on a MacBook Pro, which my employer got for me, at my request. I also had an iPhone 3GS, which i swapped out after about 6 months of use, because i thought it did not deliver what i wanted. I picked the Galaxy S simply because of its features, not because it has a shiny apple on the back of it. The main reasons for choosing an Android phone today are that you get an exchangeable battery, SD card slot, the freedom to choose what applications and most importantly, what carrier you use. Carrier lock-in is perhaps the stupidest invention of the 21st century, and it should be fought wherever it appears. When you buy a device, make sure you own it, and not the manufacturer or carrier.

Yes, the iPhone is exceedingly easy to use, and if you live in a country that has working cellular networks (unlike the US), it’ll work great for the basic user. But i can’t imagine any advanced user wanting to use an iPhone, simply because the platform is controlled by Apple so tightly. Apple recently even went as far as to change the screws on their flagship hardware (like the iPhone 4), so that you couldn’t open the phone as easily as before. Of course, iFixit now sells the screwdriver and kit to change the mangled freedom-hating screws to regular Phillips head screws for 9.95. If you still own an iPhone, and you want to keep owning the hardware you paid for, and for instance, change the battery (which is not possible without opening up the device entirely), get that kit from iFixit. The same goes for the MacBook Air, and i think the newer MacBook Pros. This is just rude behavior, and they had to know that people would open the phones anyway. So why go through the trouble? I wonder how many millions it cost to replace the screws, and what benefit they thought they got out of it?

I also have to hand it to Apple. They have the best marketing team ever. Never fire those guys, they are pure gold. No other company in the history of man has such overhyped crap that everyone seems to want. On top of that, they cost a shit-ton, are completely locked down and behind the curve in features. And again i stress that i picked an iPhone out of my free will, i just didn’t like the way it made me feel locked down. You can argue all you like about jailbreaks and unlocks, but the fact is, it’s your phone. But with Apple, that’s just not the case. You don’t own your own phone.

Politics, meet Religion. Religion, meet the 21st century.

Handshakes and hugs all-around?

No.

I’ll stray from my regular technical writing for a moment, to address an issue that is very much in the public eye at the moment here in Finland. It all started on a sad and rainy Tuesday, the 12th of October. YLE (our state television channel) showed a program called A2: Homoilta (A2: Homonight). No, that’s not a piece of adult entertainment. It was meant to stir discussion on the whole topic of homosexuality and the church. The themes, as listed by YLE were: “Should gay couples be allowed to adopt children? Should gay couples be allowed to get married? How about church weddings?”. An interesting topic, no doubt.

What ensued was an hour of shitslinging on the gay community, or well, you can look at it yourself http://areena.yle.fi/video/1354542 for another 25 days if you are in Finland (i’m sure it’s mirrored, though). Among the commenters was party secretary of the Christian Democrats, Päivi Räsänen. A very religious person, with bright shiny eyes, and some amount of political power.

She argued, among other things, that romantic love can only exist between a man and a woman. Other arguments were that the bible, god’s word handed down to us, opposes homosexuality in all its forms, and is therefore a sin. The same old song and dance. Basically it was very mean and hateful content.

Very soon, in fact already during the program, people were allowed to post commentary on the web. And instantly, the ball started rolling. Räsänen and her hate had started a little avalanche, that is now maybe only gaining speed.

Okay so let’s back up a moment. Finland is a country where most of the 5 million or so residents are Christians, and part of the church. The numbers are staggering, if we take into account the current year, 2010. We have about 80% of the entire population that belong to our Lutheran church. This is a declining trend, as we can see in multiple graphics here: http://personal.inet.fi/private/bucket/evl/.

But 80% makes a shitload of people in any case. Now, we also know for a fact (no quotes on this one, just personal experience), that most people belonging to the church are not what we call practicing Christians. People who really and truly believe, and take the word of the bible as law. Maybe it’s 10%, 15% out of those.. 4 million people. So why are the numbers so high, in this day and age, where most people have stopped believing in fairytales?

A few reasons. Firstly, getting out of the church only became possible in 1923. Which is a while ago. But take into effect generations of upbringing. If your parents were pious Christians, chances are they read the bible to you every damn day of the year. You said your prayers and went to church on Sunday. Now, i’m not saying these practices are bad per se, but they are outdated. They teach values (select values, but more on this later), that are not adapted to modern society. Most of these things are nearly 2000 years old (the oldest pieces of biblical text are, i think, from the first or second century), and if they were not filtered out in the great Christian meetings in the middle ages (where unsuitable content was filtered out), they are still more or less in the modern bible.

Select values then. This is one of those hard-to-answer questions that you can throw at a Christian. Why do you follow one part of the bible, but not the other? If the bible is god’s word, and is not to be interpreted, why do you leave out the parts about stoning women to death, or sacrificing animals and people? Why do you choose to keep the parts that say gay is bad?

So anyway, upbringing. You can teach a child most anything. Indians probably taught their children that the white man is the devil, and the white man did the same for the indians. See, i didn’t pull the Nazi card!

But if you are a child of very young age, you have very little opinion forming skills. Your brains and cognition simply are not developed enough for you to be able to make up your own mind. So you take what you get, and you add that on. The same reason a child tries to mimic your facial expressions, at only a few weeks old. To this child, you are it.

Later on you can decide to quit church, or become a Muslim or Jehovah’s Witness. But if you have just gone through 15 years of brainwashing, are you likely to do that? Or are you more likely to continue with what you find comfortable, and then, when the time comes and you get children of your own, keep teaching the same stuff. I’ve made up my mind, but i’ll allow my three and a half readers (you know who you are) to make up your own minds.

So if only adults could join the church, how many would? I doubt highly it’d be 4 million people. The church knows this, and anyone with half a brain knows this. But can we legalize this? No. Even though i relish the idea of illegalizing the brainwashing of children with religion until they are old enough to decide for themselves, such a law is simply not possible to monitor.

But what we could do is, make the mandatory age for joining any religious group say.. 15 or 16. No younger members will be admitted. And then see what happens. But we are still unable to regulate (and well so) what people teach their children at home. Let me just add that some people are not suitable parents. This includes people who believe in stories written 1800 years ago by goat-herders who probably had too much of those mushrooms.

But alas, rationality is far from this entire discussion. It is mere utopia.

We can still go on, however! A valiant fight against those who would oppose rationality and progress!

So what has happened after “Gaynight”? Well, a lot. In Finland we can (at least right now) leave the Lutheran (or Orthodox) church online, through http://www.eroakirkosta.fi. It’s very easy, and quick, and painless. No trips to the local priest, who will try to talk you down (as it once was). This site is sponsored by the nonprofit organisation called Tampereen Vapaa-ajattelijat (Tampere Free-thinkers). It’s just a lonely Debian box, being hammered all to shit right now, because so many people want to leave!

Since last Tuesday, nearly 20 000 people have left the church. This is almost half of the entire collective amount for 2009! If the trend continues (which it will at least for a few more days), we might end up surpassing last year’s numbers altogether. The daily numbers today are around 5000-7000 people leaving.

And it’s not just a reaction against the church, refusing to enter the 21st century, or one mad politician spewing out hateful (and sometimes confusing) commentary. It’s also a pain in the ass for the church.

Due to the hateful words said last week, the church has lost an estimated 6 million euro in tax income. You see, in Finland, the Lutheran and Orthodox churches are allowed to collect tax, despite the fact that state and church should be separate. If you are a member of the church, 1 % of your annual income will go towards helping the church do.. what it does best. Build expensive buildings, and keep spreading their message of “love” (except for homosexuals, lesbians, transvestites, and other perverse deviants of god’s creation!). The average is around 300 euro a year per person in taxes.

Are you ready to pay to keep this hate and frankly, anachronistic asshattery going on? In this day and age? Or are you ready to think for yourself? Give that a thinker.

So as a final word (for now): Now we have a situation where the Archbishop has stated that the words of party secretary Räsänen do not reflect those of the church. But he did not state either, that he would allow gay couples to get church weddings. He was being a diplomat. But this wasn’t good enough for Räsänen. She lashed out and gave out a statement that said basically “Does the Bishop imply that he feels gay marriage is okay by the church?”.

Which led to one thing, which led to another. Basically what we have now is this political party full of fairytale-fans, lashing out at the church, and the church trying to protect what it does best. I’ll probably write up a followup as things progress. And i will leave you with this last (really) thought:

Do you want to support an organisation that stands for hate and intolerance? 20 000 people (and many more before them) think not. And stopping the support for the church does not mean you have to give up your beliefs.

 

Assembly 2010, and some other updates

Assembly 2010 is over and done. Thursday through Sunday was spent at Hartwall Arena, the biggest hockey arena in Finland. Assembly is, to my knowledge, the biggest demo-scene party in the world. It’s also basically (and some would say today, more) a LAN party. Imagine 3000 geeks hauling their computers, audio gear and other doohickeys to a single location with near limitless bandwidth and power to make music, socialize, play games and above all else, watch demos and music produced by others; competing in different categories. These are collectively called compos, short for competitions.

*disclaimer* I’m not involved in the demo-scene, even though i greatly admire it. I also did not start computing with Charles Babbage in the late 1800’s, and am not familiar with most of the older hardware. Some terms might be wrong, because i simply don’t understand everything, but i try. *disclaimer*

The wildest part of the event is the compos. It’s a demo scene event, not a LAN party. There’s a separate event called Assembly Winter, which is focused on gaming. But still, i would say most attendees are there to play games. And while i did my fair share of gaming, demos are what i come there for. And my friends.

So what’s so special about demos, and what are they? Well, demos are interactive, or non-interactive multimedia presentations, that have to abide by certain guidelines. Some demos are called intros, and are shorter, and smaller in size than full demos. There are two kinds of intros at Assembly, the 4K and the 64K intros. The K refers to kilobytes, as that is the size limit for the compressed intro. Intros are all executables, so whatever you see and hear is created by the program as it is being run. It’s not a drawn animation or a set of ready made frames.

Now imagine 4KB. 4096 characters. Try to include music, moving graphics and text, and if you have any concept of memory, you will be blown away. My Suunto T3 digital watch has multiple times this amount of memory. Heck, your SIM card has more memory to use! Though, it has to be mentioned that libraries and such are not included in the compressed demo. With libraries included, the size is considerably larger, but.. still. They are awesome, and the people making them are total demi-gods at their craft.

The entries in general were good, and surprisingly plentiful. Quality was high in the 4k and 64K intros, while the demo category was a bit of a letdown, compared to the last two years, at least.

I met some great people. You know who you are. Met some current and ex-colleagues, most of whom were hard at work organizing the whole thing for the rest of us. Thanks to you guys.

---

Updates

---

Jacob Appelbaum, whom i mentioned in the HOPE posts, was recently arrested on arriving in the US. Interrogated, his laptop confiscated and then returned (because he refused to hand over encryption keys). So i guess, the FBI didn’t really like the stunt he pulled at HOPE. I’m not sure what the current situation is, but i hope he’s alright. He seemed like a nice fellow, who does not deserve to be persecuted.

In other news, the Pentagon has threatened Wikileaks. They are demanding they take down all the material stolen (they mean leaked by their own people), or else. I wonder what the fuck they are going to do about it, huh? Bomb every colocation center in the world? Well it wouldn’t be the first time you just shoot at everything to prove a point. But i double dare them to do anything. Wikileaks isn’t going anywhere, and since the materials are already on the tubes (the internet for the rest of you!), they are never ever coming back to them again. Removing Wikileaks, though this will never happen, will change nothing. It will merely fuel the fire, and for every mirror taken down, five new ones will come out. The files are available as Torrents, and already on numerous other sites. “Taking back” or “returning” content does not work like that on the internets, guys. If person A steals a missile, you can demand to have it back. If person B copies files that you inadequately protected, and walks out with them, and posts them on the web, it is a copy, therefore un-returnable, especially when it’s been distributed.

So in conclusion, do not threaten people when you do not have the slightest fucking idea of what you are talking about. Second of all, secure your shit if you don’t want it to get out. Third of all, i hope you burn in hell for the stuff you’ve done all over the world. You do not run the world, even if you have all the bombs.

That is all.